CRITICALCVE-2026-30286Published 2026-03-31Modified 2026-04-02CNA mitre

CVE-2026-30286: An arbitrary file overwrite vulnerability in Funambol, Inc

An arbitrary file overwrite vulnerability in Funambol, Inc. Zefiro Cloud v32.0.2026011614 allows attackers to overwrite critical internal files via the file import process, leading to arbitrary code execution or information exposure.

CVSS v3.1: 9.8
Severity: CRITICAL
Fixed in: —
Affected Products: 1

Affected packages

n/a / n/a
n/a

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

References

secsys.fudan.edu.cn
play.google.com
zefiro.me
github.com

Metrics